CVE Catalog

CVE-2026-9425

High
Published: Translated: NVD NIST

Summary

A vulnerability has been identified in Edimax EW-7438RPn version 1.31 that allows for stack-based buffer overflow through manipulation of arguments in the formWlanMP function. An attacker can exploit this vulnerability remotely.

Risk Assessment

Exploitation of this vulnerability could lead to remote control of the device, posing a serious security threat to the organization's network.

Recommendation

It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activities.

Original NVD description (English source)

A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1/e2pTxPower2/e2pTxPower3/e2pTxPower4/e2pTxPower5/e2pTxPower6/e2pTxPower7/e2pTx2Power1/e2pTx2Power2/e2pTx2Power3/e2pTx2Power4/e2pTx2Power5/e2pTx2Power6/e2pTx2Power7/ateTxFreqOffset/ateMode/ateBW/ateAntenna/e2pTxFreqOffset/e2pTxPwDeltaB/e2pTxPwDeltaG/e2pTxPwDeltaMix/e2pTxPwDeltaN/readE2P leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS